jyapayne/Sunshine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge commit from fork

Browse source 
* (security) Mandate content-type on POST calls

* (security) Add JSON content-type in POST requests with a body

* Added Content Type on missing endpoints

* (review) docs and newlines

* (docs) add JSON content type header

* style(clang-format): fix lint errors

---------

Co-authored-by: axfla <axfla@hotmail.fr>
Co-authored-by: ReenigneArcher <42013603+ReenigneArcher@users.noreply.github.com>
This commit is contained in:
TheElixZammuto 2025-06-27 22:57:59 +02:00 committed by GitHub
commit 738ac93a0e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 127 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src_assets/common/assets/web/apps.html
View file

@ -440,7 +440,12 @@
"Are you sure to delete " + this.apps[id].name + "?"
);
if (resp) {
fetch("./api/apps/" + id, { method: "DELETE" }).then((r) => {
fetch("./api/apps/" + id, {
method: "DELETE",
headers: {
"Content-Type": "application/json"
},
}).then((r) => {
if (r.status === 200) document.location.reload();
});
}
@ -540,6 +545,9 @@
this.coverFinderBusy = true;
fetch("./api/covers/upload", {
method: "POST",
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
key: cover.key,
url: cover.saveUrl,
@ -555,6 +563,9 @@
this.editForm["image-path"] = this.editForm["image-path"].toString().replace(/"/g, '');
fetch("./api/apps", {
method: "POST",
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(this.editForm),
}).then((r) => {
if (r.status === 200) document.location.reload();